package com.example.security.controller;

import com.example.security.common.Result;
import com.example.security.entity.SysPermission;
import com.example.security.service.PermissionService;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.tags.Tag;
import lombok.RequiredArgsConstructor;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;

import java.util.List;

@Tag(name = "权限管理")
@RestController
@RequestMapping("/api/permission")
@RequiredArgsConstructor
public class PermissionController {

    private final PermissionService permissionService;

    @GetMapping("/list")
    @Operation(summary = "获取权限列表")
    public Result<List<SysPermission>> list() {
        return Result.ok(permissionService.getPermissionTree());
    }

    @PostMapping
    @Operation(summary = "添加权限")
    public Result<Void> add(@RequestBody @Validated SysPermission permission) {
        permissionService.addPermission(permission);
        return Result.ok();
    }

    @Operation(summary = "修改权限")
    @PutMapping
    @PreAuthorize("hasAuthority('system:permission:edit')")
    public Result<Void> update(@Validated @RequestBody SysPermission permission) {
        permissionService.updatePermission(permission);
        return Result.ok();
    }

    @Operation(summary = "删除权限")
    @DeleteMapping("/{id}")
    @PreAuthorize("hasAuthority('system:permission:delete')")
    public Result<Void> delete(@PathVariable Long id) {
        permissionService.deletePermission(id);
        return Result.ok();
    }
} 